TrustZone-M: Working Principle and configuration

Hi,

I really like your TrustZone-M implementation.

I am currently wondering about some principles though and hope, you may be able to help me out with this.

I'm using the LPC55S69.
So, when reading its UserManual, there is the following graphic in Chapter 47:

I am assuming that the IDAU interface is defined by ARM themselves, while NXP has to implement the actual IDAU communicating with this interface, which you call DAU here.
The DAU performs a simple and fixed task of splitting addresses above 0x20000000 based on bit 28 into S and NS. Addresses below 0x20000000 are fixed NS when considering the IDAU only.

Does this mean, that the flash addresses -which are below 0x20000000- are split into Secure and Non-Secure only by SAU settings, when leaving all the SECURE_AHB_CONTROLLER settings aside?
I'm asking because in chapter 2.1.3: "TrustZone and system mapping on this device" of UM11126 the flash addresses seem to be fixed S and NS based on bit 28, too.

Regarding the AHB_SECURE_CONTROLLER:

What would for example happen if there were no Master Security Wrappers (MSW's)?
Would any BusMaster, like Core1, USB, DMA etc. which does not know about the security extension be able to access both, secure and non-secure resources?

Are MISC_CTRL_REG and MISC_CTRL_REG_DP the single point to activate all the additional security defined by AHB_SECURE_CONTROL in general or would for example my flash security and privilege rules still protect me if these registers are unset?
I did not fully understand if these are the single -or actually double- point of failure.

Hope to hear from you.

Thanks && all the best,
marvin